Exam (elaborations)
CEH v11 - ITS478 Exam | Questions And Answers Latest {} A+ Graded | 100% Verified
- Course
- Institution
CEH v11 - ITS478 Exam | Questions And Answers Latest {} A+ Graded | 100% Verified
[Show more]
Content preview
CEH v11 - ITS478 Exam | Questions And Answers Latest {2024- 2025} A+ Graded | 100%Verified
1.) While performing online banking using a Web browser, a user receives an email that contains a link
to an interesting Web site. When the user clicks on the link, another Web browser session starts and
displays a video of cats playing a piano. The next business day, the user receives what looks like an email
from his bank, indicating that his bank account has been accessed from a foreign country. The email asks
the user to call his bank and verify the authorization of a funds
transfer that took place. What Web browser-based security vulnerability was exploited to compromise
the user?
A. Clickjacking
B. Cross-Site Scripting
C. Cross-Site Request Forgery
D. Web form input validation - Correct Answer: C
Cross-Site Request Forgery, aka a one-click attack or session riding, is an attack in which the attacker
exploits victim's active session with a trusted site to perform malicious activities such as item purchases
and the modification or retrieval of account information. In CSRF web attacks, the attacker creates a
host form, containing malicious information, and sends it to the authorized user. The user fills in the
form and sends it to the web server. Because the data originates from a trusted user, the web server
accepts the data.
- Clickjacking attack is performed when the target website is loaded into an iframe element that is
masked with a web page element that appears legitimate. The attacker performs this attack by tricking
the victim into clicking on any malicious webpage element that is placed transparently on the top of any
trusted web page.
- Cross-site scripting (XSS) enables malicious attackers to inject client-side script into webpages viewed
by other users. Attack occurs when invalidated input data is included in dynamic content that is sent to a
user's web browser for rendering. Attackers inject malicious JavaScript, VBScript, ActiveX, HTML or Flash
for execution on a victim's system by hiding it within legitimate requests.
2.) Which service in a PKI will vouch for the identity of an individual or company?
A. KOC
B. CR
C. CBC
D. CA - Correct Answer: D
,PKI: Public Key Infrastructure, a security architecture developed to increase the confidentiality of
information exchanged over the insecure Internet. It includes hardware, software, people, policies and
procedure required to create, distribute, use, store, and revoke digital certificates.
In cryptography, the PKI helps to bind public keys with corresponding user identities by means of a
certification authority (CA).
3.) Identify the web application attack where the attackers exploit vulnerabilities in dynamically
generated web pages to inject client-side script into web pages viewed by other users.
A. LDAP Injection attack
B. Cross-Site Scripting (XSS)
C. SQL injection attack
D. Cross-Site Request Forgery (CSRF) - Correct Answer: B
Cross-site scripting (XSS) enables malicious attackers to inject client-side script into web pages viewed by
other users. Attack occurs when invalidated input data is included in dynamic content that is sent to a
user's web browser for rendering. Attackers inject malicious JavaScript, VBScript, ActiveX, HTML or Flash
for execution on a victim's system by hiding it within legitimate requests.
Cross-Site Request Forgery, aka a one-click attack or session riding, is an attack in which the attacker
exploits victim's active session with a trusted site to perform malicious activities such as item purchases
and the modification or retrieval of account information. In CSRF web attacks, the attacker creates a
host form, containing malicious information, and sends it to the authorized user. The user fills in the
form and sends it to the web server. Because the data originates from a trusted user, the web server
accepts the data.
XSS attack exploits the trust a user has for a particular website.
CSRF exploits the trust that a website has on a user's browser.
An LDAP attack exploits user parameters to generate an LDAP query. It runs on an internet transport
protocol such as TCP, and it is an open-standard protocol for manipulating and querying Directory
Services. It is used to take advantage of non-validated web application input vulnerabilities to pass LDAP
filters used for searching Directory Services to obtain direct access to databases behind an LDAP tree.
4.) User A is writing a sensitive email message to user B outside the local network. User A has chosen to
use PKI to secure his message and ensure only user B can read the sensitive email. At what layer of the
OSI layer does the encryption and decryption of the message take place?
,A. Application --> Layer we see SMTP, HTTP, FTP, DNS, POP3
B. Transport --> "Post Office" layer, parcels and letters; TCP, UDP
C. Session --> Communication management between devices; NetBIOS, SAP
D. Presentation --> Character encoding, application encryption; MPEG, SSL, TLS; Application, encryption -
Correct Answer: D
5.) A new wireless client is configured to join a 802.11 network. This client uses the same hardware and
software as many of the other clients on the network. The client can see the network, but cannot
connect. A wireless packet sniffer shows that the Wireless Access Point (WAP) is not responding to the
association requests being sent by the wireless client. What is a possible source of this problem?
A. The WAP does not recognize the client's MAC address Access control
B. The client cannot see the SSID of the wireless network
C. Client is configured for the wrong channel
D. The wireless client is not configured to use DHCP - Correct Answer: A
6.) If you want to only scan fewer ports than the default scan using Nmap tool, which option would you
use?
A. -r Sequential port scan
B. -F Fast port scan for speed up
C. -P port scan (?)
D. -sP perform a ping scan only - Correct Answer: B
7.) Which of the following is the structure designed to verify and authenticate the identity of individuals
within the enterprise taking part in a data exchange?
A. SOA
B. biometrics
C. single sign on
D.PKI - Correct Answer: D
8.) You are tasked to perform a penetration test. While you are performing information gathering, you
find an employee list in Google. You find the receptionist's email, and you send her an email changing
the source email to her boss's email (boss@company). In this email, you ask for a pdf with information.
, She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious
links (these links contain malware) and send back the modified pdf, saying that the links don't work. She
reads your email, opens the links, and her machine gets infected. You now have access to the company
network. What testing method did you use?
A. Social engineering
B. Piggybacking
C. Tailgating
D. Eavesdropping - Correct Answer: A
9.) If a tester is attempting to ping a target that exists but receives no response or a response that states
the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other
option could the tester use to get a response from a host using TCP?
A. Traceroute
B. Hping
C. TCP ping
D. Broadcast ping - Correct Answer: B
Hping2/Hping3 is a command-line-oriented network scanning and packet crafting tool for the TCP/IP
protocol that sends ICMP echo requests and supports TCP, UDP, ICMP and raw-IP protocols. It performs
network security auditing, firewall testing, manual path MTU discovery, advanced traceroute, remote OS
fingerprinting. It can send custom TCP/IP packets and display target replies similarly to a ping program
with ICMP replies.
- Traceroute : uses the ICMP protocol concept and Time to Live (TTL) field of the IP header to find the
path of the target host in the network.
10.) Which is the first step followed by Vulnerability Scanners for scanning a network?
A. OS Detection
B. Firewall detection
C. TCP/UDP Port scanning
D. Checking if the remote host is alive - Correct Answer: D
Some objectives for scanning a network:
- Discover the network's live hosts, IP addresses, and open ports of the live hosts. Using the open ports,
the attacker will determine the best means of entering into the system.
- Discover the OS and system architecture of the target, aka fingerprinting.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller oneclass. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.48. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
85651 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now